A blog covering security and security technology.
  1. Zoom Vulnerability

    The Zoom conferencing app has a vulnerability that allows someone to remotely take over the computer's camera. It's a bad vulnerability, made worse by the fact that it remains even if you uninstall the Zoom app: This vulnerability allows any website to forcibly join a user to a Zoom call, with their video camera activated, without the user's permission. On...
  2. Palantir's Surveillance Service for Law Enforcement

    Motherboard got its hands on Palantir's Gotham user's manual, which is used by the police to get information on people: The Palantir user guide shows that police can start with almost no information about a person of interest and instantly know extremely intimate details about their lives. The capabilities are staggering, according to the guide: If police have a name...
  3. Upcoming Speaking Engagements

    This is a current list of where and when I am scheduled to speak: I'm speaking at Black Hat USA 2019 in Las Vegas on Wednesday, August 7 and Thursday, August 8, 2019. I'm speaking on "Information Security in the Public Interest" at DefCon 27 in Las Vegas on Saturday, August 10, 2019. The list is maintained on this page....
  4. Friday Squid Blogging: When the Octopus and Squid Lost Their Shells

    Cephalopod ancestors once had shells. When did they lose them? With the molecular clock technique, which allowed him to use DNA to map out the evolutionary history of the cephalopods, he found that today's cuttlefish, squids and octopuses began to appear 160 to 100 million years ago, during the so-called Mesozoic Marine Revolution. During the revolution, underwater life underwent a...
  5. Clickable Endnotes to Click Here to Kill Everybody

    In Click Here to Kill Everybody, I promised clickable endnotes. They're finally available....
  6. Presidential Candidate Andrew Yang Has Quantum Encryption Policy

    At least one presidential candidate has a policy about quantum computing and encryption. It has two basic planks. One: fund quantum-resistant encryption standards. (Note: NIST is already doing this.) Two, fund quantum computing. (Unlike many far more pressing computer security problems, the market seems to be doing this on its own quite nicely.) Okay, so not the greatest policy --...
  7. Resetting Your GE Smart Light Bulb

    If you need to reset the software in your GE smart light bulb -- firmware version 2.8 or later -- just follow these easy instructions: Start with your bulb off for at least 5 seconds. Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds...
  8. Details of the Cloud Hopper Attacks

    Reuters has a long article on the Chinese government APT attack called Cloud Hopper. It was much bigger than originally reported. The hacking campaign, known as "Cloud Hopper," was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple Western companies but stopped short...
  9. Cell Networks Hacked by (Probable) Nation-State Attackers

    A sophisticated attacker has successfuly infiltrated cell providers to collect information on specific users: The hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records -- including times and dates of calls, and their cell-based locations -- on at least 20 individuals....
  10. Cardiac Biometric

    MIT Technology Review is reporting about an infrared laser device that can identify people by their unique cardiac signature at a distance: A new device, developed for the Pentagon after US Special Forces requested it, can identify people without seeing their face: instead it detects their unique cardiac signature with an infrared laser. While it works at 200 meters (219...

Copyright © 2019 • All Rights Reserved.Sensible Voice, LLC
1 High Street • Brandon, VT 05733 • Contact Us • Privacy Policy